Lucene search
HistoryOct 21, 2014 - 3:55 p.m.
CVE-2014-7280
vulnerability
xss
tenable nessus
web security
cve-2014-7280
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.3%
Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 Build #85 for Tenable Nessus 5.x allows remote web servers to inject arbitrary web script or HTML via the server header.
Affected configurations
Node
tenableweb_uiRange≤2.3.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| tenable:web_ui | tenable web ui | le | 2.3.3 |
References
Related
seebug
seebug
Nessus Web UI 2.3.3 - Stored XSS
2014-10-10 00:00:00
exploitpack
exploitpack
Nessus Web UI 2.3.3 - Persistent Cross-Site Scripting
2014-10-09 00:00:00
nessus
nessus
Nessus Web UI Scanned Content Stored XSS
2016-02-25 00:00:00
zdt
zdt
Nessus Web UI 2.3.3 Cross Site Scripting Vulnerability
2014-10-09 00:00:00
prion
prion
Cross site scripting
2014-10-21 15:55:00
packetstorm
packetstorm
Nessus Web UI 2.3.3 Cross Site Scripting
2014-10-07 00:00:00
cvelist
cvelist
CVE-2014-7280
2014-10-21 15:00:00
nvd
nvd
CVE-2014-7280
2014-10-21 15:55:07
exploitdb
exploitdb
Nessus Web UI 2.3.3 - Persistent Cross-Site Scripting
2014-10-09 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.3%
Related for CVE-2014-7280